• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_
6 #define CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_
7 
8 #include <string>
9 
10 #include "base/gtest_prod_util.h"
11 #include "base/memory/linked_ptr.h"
12 #include "chrome/browser/signin/signin_global_error.h"
13 #include "components/browser_context_keyed_service/browser_context_keyed_service.h"
14 #include "google_apis/gaia/oauth2_token_service.h"
15 
16 namespace net {
17 class URLRequestContextGetter;
18 }
19 
20 class GoogleServiceAuthError;
21 class Profile;
22 class SigninGlobalError;
23 
24 // ProfileOAuth2TokenService is a BrowserContextKeyedService that retrieves
25 // OAuth2 access tokens for a given set of scopes using the OAuth2 login
26 // refresh tokens.
27 //
28 // See |OAuth2TokenService| for usage details.
29 //
30 // Note: after StartRequest returns, in-flight requests will continue
31 // even if the TokenService refresh token that was used to initiate
32 // the request changes or is cleared.  When the request completes,
33 // Consumer::OnGetTokenSuccess will be invoked, but the access token
34 // won't be cached.
35 //
36 // Note: requests should be started from the UI thread. To start a
37 // request from other thread, please use ProfileOAuth2TokenServiceRequest.
38 class ProfileOAuth2TokenService : public OAuth2TokenService,
39                                   public BrowserContextKeyedService {
40  public:
41   // Initializes this token service with the profile.
42   virtual void Initialize(Profile* profile);
43 
44   // Loads credentials from a backing persistent store to make them available
45   // after service is used between profile restarts.
46   // Usually it's not necessary to directly call this method.
47   // TODO(bauerb): Make this method protected once this class initializes itself
48   // automatically.
49   virtual void LoadCredentials();
50 
51   // BrowserContextKeyedService implementation.
52   virtual void Shutdown() OVERRIDE;
53 
54   // Gets an account id of the primary account related to the profile.
55   std::string GetPrimaryAccountId();
56 
57   // Lists account IDs of all accounts with a refresh token.
58   virtual std::vector<std::string> GetAccounts() OVERRIDE;
59 
60   // Updates a |refresh_token| for an |account_id|. Credentials are persisted,
61   // and available through |LoadCredentials| after service is restarted.
62   virtual void UpdateCredentials(const std::string& account_id,
63                                  const std::string& refresh_token);
64 
65   // Revokes credentials related to |account_id|.
66   void RevokeCredentials(const std::string& account_id);
67 
68   // Revokes all credentials handled by the object.
69   void RevokeAllCredentials();
70 
signin_global_error()71   SigninGlobalError* signin_global_error() {
72     return signin_global_error_.get();
73   }
74 
signin_global_error()75   const SigninGlobalError* signin_global_error() const {
76     return signin_global_error_.get();
77   }
78 
profile()79   Profile* profile() const { return profile_; }
80 
81  protected:
82   class AccountInfo : public SigninGlobalError::AuthStatusProvider {
83    public:
84     AccountInfo(ProfileOAuth2TokenService* token_service,
85                 const std::string& account_id,
86                 const std::string& refresh_token);
87     virtual ~AccountInfo();
88 
refresh_token()89     const std::string& refresh_token() const { return refresh_token_; }
set_refresh_token(const std::string & token)90     void set_refresh_token(const std::string& token) {
91       refresh_token_ = token;
92     }
93 
94     void SetLastAuthError(const GoogleServiceAuthError& error);
95 
96     // SigninGlobalError::AuthStatusProvider implementation.
97     virtual std::string GetAccountId() const OVERRIDE;
98     virtual GoogleServiceAuthError GetAuthStatus() const OVERRIDE;
99 
100    private:
101     ProfileOAuth2TokenService* token_service_;
102     std::string account_id_;
103     std::string refresh_token_;
104     GoogleServiceAuthError last_auth_error_;
105 
106     DISALLOW_COPY_AND_ASSIGN(AccountInfo);
107   };
108 
109   // Maps the |account_id| of accounts known to ProfileOAuth2TokenService
110   // to information about the account.
111   typedef std::map<std::string, linked_ptr<AccountInfo> > AccountInfoMap;
112 
113   ProfileOAuth2TokenService();
114   virtual ~ProfileOAuth2TokenService();
115 
116   // OAuth2TokenService overrides.
117   virtual std::string GetRefreshToken(const std::string& account_id) OVERRIDE;
118 
119   // OAuth2TokenService implementation.
120   virtual net::URLRequestContextGetter* GetRequestContext() OVERRIDE;
121 
122   // Updates the internal cache of the result from the most-recently-completed
123   // auth request (used for reporting errors to the user).
124   virtual void UpdateAuthError(
125       const std::string& account_id,
126       const GoogleServiceAuthError& error) OVERRIDE;
127 
128   // Persists credentials for |account_id|. Enables overriding for
129   // testing purposes, or other cases, when accessing the DB is not desired.
130   virtual void PersistCredentials(const std::string& account_id,
131                                   const std::string& refresh_token);
132 
133   // Clears credentials persisted for |account_id|. Enables overriding for
134   // testing purposes, or other cases, when accessing the DB is not desired.
135   virtual void ClearPersistedCredentials(const std::string& account_id);
136 
refresh_tokens()137   AccountInfoMap& refresh_tokens() { return refresh_tokens_; }
138 
139  private:
140   FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceTest,
141                            TokenServiceUpdateClearsCache);
142   FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceTest,
143                            PersistenceDBUpgrade);
144   FRIEND_TEST_ALL_PREFIXES(MutableProfileOAuth2TokenServiceTest,
145                            PersistenceLoadCredentials);
146 
147   // Revokes the refresh token on the server.
148   virtual void RevokeCredentialsOnServer(const std::string& refresh_token);
149 
150   // The profile with which this instance was initialized, or NULL.
151   Profile* profile_;
152 
153   // In memory refresh token store mapping account_id to refresh_token.
154   AccountInfoMap refresh_tokens_;
155 
156   // Used to show auth errors in the wrench menu. The SigninGlobalError is
157   // different than most GlobalErrors in that its lifetime is controlled by
158   // ProfileOAuth2TokenService (so we can expose a reference for use in the
159   // wrench menu).
160   scoped_ptr<SigninGlobalError> signin_global_error_;
161 
162   DISALLOW_COPY_AND_ASSIGN(ProfileOAuth2TokenService);
163 };
164 
165 #endif  // CHROME_BROWSER_SIGNIN_PROFILE_OAUTH2_TOKEN_SERVICE_H_
166